CVE-2023-4042 MEDIUM

CVE-2023-4042: Ghostscript: incomplete fix for cve-2020-16305

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-125
Published August 23, 2023
Last update November 21, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

Key dates

02Disclosure timeline

August 23, 2023 CVE published
November 21, 2025 Record updated

Related vulnerabilities

04Related CVE